Basics
Requests to the MILK API on behalf of a user are authenticated using a token. This token is passed in the HTTP Authorization header as a bearer token. For example:
GET http://api.milkbooks.com/... HTTP/1.1
Content-Type: application/json
Accept: application/json
Authorization: Bearer {Token}
Obtaining a Token
The MILK API has 2 ways of authenticating users to obtain a token.
- Internal -
- Users are registered with and log into the MILK API.
- After logging in to the MILK API servers with the users credentials, the MILK API issues a signed token which can be used to make requests on behalf of that user.
- External
- Users are registered with and log into servers controlled by the API implementer.
- After logging in to the implementer's servers, the implementer's servers issue a signed token which can then be accepted by the MILK API to make on behalf of that user.
Once you have let MILK know which method you will be using to authenticate your users, we'll set up your account and issue with the required credentials for your chosen method.
...
- An application already has an existing server based user account system.